Recently, Google has been telling Gmail users that their account's may be the target of state-sponsored cyber-attacks. Not all accounts where affected and no details where given as to the type of attack and which government or government sponsored entity it suspects is responsible. Google is suggesting people create new, stronger passwords and be careful where they log into their accounts from. Of course when the phrase "state-sponsored cyber-attacks" is mentioned many point immediately at China, which has become notorious for its reach over the internet.
The warning should not reflect poorly on Google. In fact, it illustrates their proactive information security infrastructure to deal with such incidents. Ultimately, a significant part of security lies with users. Users must also be proactive and with an eye peeled for anything suspicious. The best thing to prevent/detect such attacks is for every party in information transactions to keep their own controls and habits up to date and be proactively defending/searching for such attacks. For example, when Gmail users see Google informing them of an attack, they should review the findings, heed their warnings, and take the prescribe actions. Because Google did not specify the type of attack, whether hacking, phishing, etc, it will require users to use a broad spectrum of security defense measures. These defense measures include, but are not limited too, ensuring websites have HTTPS in the address, not emailing sensitive personal data like passwords, and keeping a strong password. Google is also enforcing security defenses on their end, such as the detection method used to find this breach, and strong encryption.
-Stephanie Watkins - Article #1
Responding to a $1000 dare from the U.S. department of homeland security and group from the University of Texas at Austin, has successful hacked a drone aircraft. They used a technique known as gps spoofing. Using a stronger than satellite signal that made the drone think it was in a different location than it actually is. They did this by having it mistake the hackers signal as the true GPS signal. This could mean someone, who has the location of the drone, can redirect it or crash it from its own gains. The scary part is, according to Noel Sharkey, co-founder of the International Committee for Robot Arms Control, "It's easy to spoof an unencrypted drone. Anybody technically skilled could do this - it would cost them some £700 for the equipment and that's it." That's the same tactic the 9-11 attackers used. Fixes could include making the drones stealthier since the hackers need the location of the drone to be successful. Also the drone could use a more securely encrypted GPS signal. Detection could come from monitoring the drone constantly to immediately take action if it changes course.
The warning should not reflect poorly on Google. In fact, it illustrates their proactive information security infrastructure to deal with such incidents. Ultimately, a significant part of security lies with users. Users must also be proactive and with an eye peeled for anything suspicious. The best thing to prevent/detect such attacks is for every party in information transactions to keep their own controls and habits up to date and be proactively defending/searching for such attacks. For example, when Gmail users see Google informing them of an attack, they should review the findings, heed their warnings, and take the prescribe actions. Because Google did not specify the type of attack, whether hacking, phishing, etc, it will require users to use a broad spectrum of security defense measures. These defense measures include, but are not limited too, ensuring websites have HTTPS in the address, not emailing sensitive personal data like passwords, and keeping a strong password. Google is also enforcing security defenses on their end, such as the detection method used to find this breach, and strong encryption.
-Stephanie Watkins - Article #1
Responding to a $1000 dare from the U.S. department of homeland security and group from the University of Texas at Austin, has successful hacked a drone aircraft. They used a technique known as gps spoofing. Using a stronger than satellite signal that made the drone think it was in a different location than it actually is. They did this by having it mistake the hackers signal as the true GPS signal. This could mean someone, who has the location of the drone, can redirect it or crash it from its own gains. The scary part is, according to Noel Sharkey, co-founder of the International Committee for Robot Arms Control, "It's easy to spoof an unencrypted drone. Anybody technically skilled could do this - it would cost them some £700 for the equipment and that's it." That's the same tactic the 9-11 attackers used. Fixes could include making the drones stealthier since the hackers need the location of the drone to be successful. Also the drone could use a more securely encrypted GPS signal. Detection could come from monitoring the drone constantly to immediately take action if it changes course.
-Stephanie Watkins - Article #2
50/50